Soundy Analysis Techniques for Web Development

XQuery [1] is the standard language language dedicated
to XML data querying and manipulation. As opposed to
other NoSQL languages (and e.g. XSLT in particular), it
has been intended to feature strong static typing [5].

As emphasized in [4], "static program analysis is a key
component of many software development tools, including
compilers, development environments, and verification
tools. Analyses are often expected to be sound in that
their result models all possible executions of the
program under analysis. Soundness implies that the
analysis computes an over-approximation in order to stay
tractable [5]; the analysis result will also model
behaviors that do not actually occur in any program
execution. The precision of an analysis is the degree to
which it avoids such spurious results. Users expect
analyses to be sound as a matter of course, and desire
analyses to be as precise as possible, while being able
to scale to large programs."

It was shown in [2] that sound yet precise static
analyses are possible for an XQuery fragment [2], even
for complex expressions that navigate in XML trees
[2,3]. While soundness seems essential for any kind of
static program analysis, approximations and omissions
are usually required for language features when applied
to real programs. This is coined by the recent concept
of soundiness [4] which defines "soundy analyses": a
soundy analysis aims to be as sound as possible without
excessively compromising precision or scalability.

The goal of this internship is to investigate methods of
code analysis which take advantage of sound verification
systems developed for XQuery language fragments in the
literature (such as [2]) to efficiently compute useful
guarantees on real XQuery code used in production.